Hello,

On Sat, 1 Sep 2018 at 20:49, Lukas Tribus <lu...@ltri.eu> wrote:
> > I've confirmed the change in behavior only happens with an ECC
> > certificate, an RSA certificate is not affected.
>
> Just to confirm that this is still an actual problem with current
> haproxy and openssl 1.1.1pre9.
>
> You just have to use an ECC certificate instead of an RSA certificate,
> and it will fail with TLSv1.1 when strict-sni is enabled.

Actually the problem is worse: SNI doesn't work *at all* with ECC certificates in TLSv1.1 and TLSv1.0. It simply falls back to a matching RSA certificate or the default-certificate.

Of course, if only the ECC certificate is there, and strict-sni is set, the handshake is rejected.

Same exact behavior happens with boringssl as well (not only openssl 1.1.1).

Any help with this would be much appreciated.

Thanks,
Lukas